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Abstract 

Essential steps in constructive black-box recognition algorithms 
for finite symmetric groups S n and alternating groups A n are the 
construction of n-cycles, or (n — l)-cycles for A n with n even, and 
the construction of a 2-cycle or 3-cycle. The latter elements are often 
constructed from elements containing an m-cycle for an appropriate 
m > n — 6. 
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These 'black-box' methods can be applied to recognise the 'large- 
base' primitive permutation representations of A n or S n on fc-sets for 
arbitrary k < n/2. They offer the possibility of very fast recognition of 
such large-base groups provided there is an efficient way of identifying 
elements that contain an m-cycle in the natural representation, for 
n — 6 < m < n. We show that, for a random element g in S n acting on 
fc-sets, simply checking that 4 random points each have m, 2m or 3m 
images under g, implies with high probability that g contains an Tri- 
cycle in the natural representation on n points. Thus computing 0(n) 
images of points under g is sufficient to make an important inference 
about a permutation on (Tj points, even when k is unbounded as n 
increases. 

1 Introduction 

Permutation group algorithms focus on finite primitive permutation groups 
and generally require a base, such that the elements of the group are de- 
termined by the images of the base points. Very efficient algorithms are 
available when the group has a relatively small base (see [13]). Thus it is im- 
portant to know whether a given primitive group is large-base. By a result of 
Liebeck [6], every large-base primitive group involves the action of the alter- 
nating group A n or the symmetric group S n on the set of /c-element subsets 
of {1, . . . ,77,}, for some 77 and k < n/2. A fundamental problem therefore is 
to recognise whether a given permutation group is equivalent to A n or S n in 
its action on /c-sets, for some k < n/2. 

Algorithms to recognise A n and S n involve finding 77-cycles (or (n — 1)- 
cycles in the case of A n with 77 even) and a 2-cycle or 3-cycle. The latter 
elements are often constructed from elements containing an 777-cycle for some 
777 > 77 — 6. Warlimont [14] proved that the conditional probability that a 
random element g in S n is an 77-cycie, given that g n = 1, is 1 — O^^ 1 ). 
This result was generalised for permutations containing an m-cycle for some 
777 > 77 — 6 in [2, 10] leading to efficient 'black-box' recognition algorithms for 
A n and S n , where the complexity is measured by the number of black-box 
operations (group multiplications, inversions and equality checks). 

When applying these black-box algorithms to permutation groups on 
points, a single group operation costs 0( (™) ) integer operations. Surprisingly, 
especially in the case where k is large, we can do much better - drawing 
inferences about permutations on (™) points by their actions on only a small 
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fraction of the permutation domain. 



We show that, for n — 6 < m < n and for a random element 
g E S n in the action on (?) points, simply checking that 4 random 
points each have m, 2m or 3m images under g, implies with high 
probability that g contains an m-cycle in its natural representation 
on n points. 

The results of this paper underpin a new recognition algorithm [7] for the 
k-set actions of A n and S n with running time significantly less than 0((^)). 

In contrast to Warlimont's problem, we need to consider elements of order 
a multiple of the integer m, where n — 6 < m < n. In the algorithm, discussed 
briefly in Section 2, we will know that an element has this property when 
we find a cycle of length m, 2m or 3m. The challenge is to justify that 
four random cycles of such lengths indicate, with high probability, that the 
element contains an m-cycle in the natural representation. 

For the analysis of our algorithmic application, we are given integers n 
and k with 2 < k < n/2. We are concerned with the symmetric group 
Sym(f2) and the alternating group Alt(f2) on f2 = {1, . . . , n\ in their actions 
on the fc-element subsets of Q. Our main result is as follows. 

Theorem 1. Suppose that (G,n,m,r) are as in one of the lines of Table 1. 
Let A be a finite set and let H < Sym(A) be a subgroup of the symmetric group 
of A. Suppose further that the action of H on A is permutation isomorphic 
to the action of G on k-element subsets from Q = {1,2, ... ,n} for some k 
with 2 < k < n/2. 

Let h be a uniformly distributed random element of H corresponding to 
a permutation g G G of Q, and let Xi, . . . , X4 be independent, uniformly 
distributed random points of A. Then there exist positive constants Nq and c, 
where c is independent of n, m, r, such that for n > N 



Prob 



g contains an 
m-cycle 



for i — 1, ... ,4 the \ c 

h-cycle on Aj has length > 1 

r(m for some | r J n& 



In particular Theorem 1.1 gives an explicit positive lower bound for the 
conditional probability that an element g of Sym(f2) is an n-cycle, given that 
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Line G n m r to find p{G, n, m) 



1 n 1 n- cycle 1 

2 S„ odd n- 2 2 2-cycle 1 

3 even n — 3 2 2-cycle 2/3 

4 odd n 1 n-cycle 1 

5 even n — 1 1 (n— l)-cycle 1 

6 . 2 or 4 (mod 6) n — 3 3 3-cycle 1 

7 n 3 or 5 (mod 6) n - 4 3 3-cycle 3/4 

8 (mod 6) n - 5 3 3-cycle 7/20 

9 1 (mod 6) n-6 3 3-cycle 9/40 



Table 1: Groups and types of elements 

a small number of random /c-element subsets have exactly n distinct images 
under (g). Such lower bounds were promised in [11]. Our approach uses some 
ideas from [11], where the third and fourth authors [11] considered elements 
in S n of order a multiple of the degree n and showed that such elements 
fall into two families. The first family consists of those permutations which 
contain a single very large cycle of order dividing n and includes the n-cycles. 
The second family consists of permutations for which the number of points 
which lie in cycles of length dividing n is significantly less than n. The 
results in this paper both refine and extend significantly the main result of 
[11]. We employ a similar division of the set of all elements of Sym(f2) into 
several families according to properties of points which lie in cycles of lengths 
dividing n. However, these techniques alone were not sufficient to achieve 
the results in this paper. We needed to study the probability that several 
fc-element subsets of Q have exactly n distinct images under (g) for g an 
element in one of the families. For analysing our new recognition algorithms 
for subset actions of A n and S n , we also need analogous results for elements 
of Sym(f2) and Alt(f2) containing m-cycles, for m > n — 6. 

In Section 2 we briefly describe the algorithmic application, and in partic- 
ular we explain the meaning of the parameters given in Table 1. In Section 3 
we introduce the notation which we shall use throughout the paper and give 
the precise statement of the main result (Theorem 2). The proofs of The- 
orem 1 and Theorem 2 are given in Section 4. In particular we exhibit an 
explicit constant c for Theorem 1. We present some background material in 
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Sections 5 and 6. Sections 7-11 contain the various parts which are pulled 
together in Section 4 to combine to the proof of Theorems 1 and 2. 

2 Algorithmic Application 

The results in this paper are motivated by algorithmic applications in [7] and 
[8] . In these applications, if is a permutation group acting on a set A of m 
points. We wish to test whether H is permutation isomorphic to G = A n or 
G = S n acting on the set (^) of /c-element subsets of Q — {1, . . . ,n}. That 
is to say, whether there is a group isomorphism <p : H — > G and a bijection 
/ : A (J) such that, for each h G H and A G A, (X h )f = (X)f hip . 

We say that an element h G H corresponds to an element g G G if the 
permutation isomorphism </? maps /i to g. The algorithms [7, 8] construct 
a 'nice generating' set for H of size 2. In the case where H is permutation 
isomorphic to S n in its action on (A , this generating set consists of elements 
that, in the natural representation of S n on n points, correspond to an n- 
cycle and a 2-cycle interchanging two consecutive points of the n-cycle. In 
the case where H is permutation isomorphic to A n in its action on the 
nice generating set consists of elements that in A n correspond to an n-cycle 
or {n — l)-cycle, and to a 3-cycle. 

We wish to find these elements by selecting independent, uniformly dis- 
tributed random elements from the group H. However, the proportion of 
2-cycles in S n or 3-cycles in A n is too small to allow us to find such ele- 
ments directly by random selection. Therefore, we seek elements in H which 
correspond to permutations containing a 2-cycle or a 3-cycle together with 
one long cycle of length m, say, where m is at least n — 6 and m is coprime 
to 2 or 3, respectively. The algorithms in [7] and [8] seek elements h G H 
which correspond to the kinds of elements g listed in Table 1, where H is 
permutation isomorphic to G — S n or G — A n , with G,n as in the second 
and third columns. The fourth column, labelled m, lists the length of the 
m-cycle which the element g contains. The fifth column, labelled r, lists 
an integer between 1 and 3. Ultimately we wish to find an element h in H 
which corresponds to an element in G with cycle type as recorded in the 
sixth column. This element is constructed as a power of the element h. 

The first element in the nice generating set for H corresponds to an 
element satisfying the conditions of Line 1, 4, or 5, namely it corresponds 
to an n-cycle or an {n — l)-cycle. The second nice generator corresponds 
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to a 2-cycle if G = S n and is constructed from an element h G H which 
corresponds to g as in Line 2 or 3. If G = A n , the second nice generator 
corresponds to a 3-cycle and is constructed from h G H corresponding to 
an element g as in Line 6, 7, 8 or 9. The last column, labelled p(G,n,m), 
records a rational number such that the proportion of elements h of H which 
correspond to elements of G containing an m-cycle and with order dividing 
rm is P< - G ^'"^ (see (1)). 

The group H acts on a set A of size |A| = (™), and in the context of the 
algorithm m, n and k are so large that it is 'too expensive' to compute the 
full cycle structure of elements of H in their action on A. Instead we compute 
the cycle lengths of elements h G H on a handful of randomly chosen points 
of A, that is to say, we 'trace' these points under the action of (h). 

In computer experiments in GAP [3], we discovered that if H is permu- 
tation isomorphic to G = S n or A n on (^) then, for m, r as in one of the 
lines of Table 1, most elements of H which produced cycles of lengths a mul- 
tiple of m and dividing rm, when we traced each of four or five independent 
random points of A, corresponded to elements of G containing an m-cycle. 
This computer experiment is formalised in procedures FindMCycle and 
TraceCycle. Our experimental observation turns out to be true in gen- 
eral, and is proved in Theorem 1, and in a more precise form in Theorem 2. 
For clarity of exposition the proofs of Theorems 1 and 2 are written in terms 
of the action of G on (, ) . 

For n, m and r as in one of the lines of Table 1, define J\f(n, m) to be the 
set of all g G S n that contain an m-cycle and M g0 od{G, n, m) to be the set of 
all g G jV(n, m) D G for which o(g) divides rm. Note that, for given G, n, m, 
only one of the lines of Table 1 is satisfied, and hence r is determined by 
G, n, m. We define p(G, n, m) to be the rational number satisfying 

\M g0 od(G,n,m)\ _ p(G,n,m) 

\G\ ~ m U 

As an example of how to interpret this information, consider Line 3 of Table 1. 
The proportion of elements g of S n containing an (n— 3)-cycle is ^33, and 2/3 
of these elements contain also a 2-cycle or three 1-cycles on the remaining 3 
points. Thus the proportion of elements of S n containing an (n — 3)-cycle 
and having order dividing 2(n — 3) is = p ( Sn ^>™ ~ 3 ) , i n order to construct 
a 2-cycle (the entry in column 6 for this line), we raise the element g to 
the (n — 3) rd power producing x = g n ~ 3 . Since n — 3 is odd, the element 
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x is the identity if g has three fixed points, a 2-cycle if g contains a 2- 
cycle, or possibly a 3-cycle if g contains a 3-cycle and 3 does not divide n. 
Thus three quarters of the elements of Af goo d(S n ,n,n — 3) yield a 2-cycle by 
powering. The algorithm FindM Cycle can therefore easily be incorporated 
into a Monte Carlo algorithm to construct a transposition in this case: by 
repeating FindM Cycle a number of times we will with high probability 
construct a transposition by powering the output of FindMCycle. The 
other Lines have a similar interpretation for p(G,n,m). 

We now describe the two algorithms. Algorithm 1 assumes that we have 
a function RandomGrpElt which takes as input a generating set Y for a 
group H and returns independent, uniformly distributed random elements 
of H . Algorithm 2 assumes that we have a function RandomPoint which 
takes as input a finite set A and returns independent, uniformly distributed 
random points of A. Note that Algorithm 1 calls Algorithm 2 and that we 
assume that Algorithm 2 has access to the variables of Algorithm 1. 



Algorithm 1: FindMCycle(?t,, m, r, H, A, e, M) 

Data: Let (n, m, r) be as in one of the lines of Table 1. Let if be a 
permutation group with a generating set Y acting on a finite 
set A. Let e be a real number with < e < 1 and let M be an 
integer with M > 4. 

Result: An element h £ H or fail; 

This algorithm inspects up to 0(nlog(e -1 )) uniformly distributed 
independent random elements from H to find one which has orbits of 
length a multiple of m and dividing rm on each of M randomly 
selected points from A. If such an h £ H is found it returns h, 
otherwise it returns fail. 

Set N := [5nlog(f)]; 
for i = 1, . . . , N do 

hi := RandomGrpElt(F); 

if TraceCycle^) = true then 
return h{\ 

return fail; 



Remark: (a) The number M of random points of A tested in the algo- 
rithm TraceCycle is often a bounded constant (as, for example, in Theo- 
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Algorithm 2: TraceCycle(/i) 



Data: A permutation h G H; 
Result: A boolean 'true' or 'false' 

This algorithm tests whether the permutation h G H has orbits of 
length a multiple of m and dividing rm on M randomly selected points 
from A. If this is the case it returns true, otherwise it returns fail. 

for i = 1, ..,M do 

\i := RANDOMPOINT(A); 

Put r = {A,}^; 

for A G T do 

if |A^| 7^ r§m for some ro | r then 
return false; 

return true: 



rem 1), but in our analysis we allow it to be as large as 0(n), see (2). 

(b) The algorithm TraceCycle performs 0(n) image computations to 
check whether |A^| = r m, for each random point A. Thus if £ rp , £ rge , u im , 
are upper bounds for the costs of producing a random point using Random- 
Point, producing a random group element using RandomGrpElt, and 
computing the image of a point of A under an element of H, respectively, 
then the cost of FindMCycle is 

0(n log^" 1 )^ + M£ rp + Mnv im )). 

This cost is very modest when compared with the cost (^)^im of computing 
the product of two permutations of A (especially when k = 0(n)). The 
cost £ rp of producing a random point is very small as an integer which is 
at most (£) has at most log((^)) ~ Hog(n) bits. Thus a random point 
can be constructed by at most 0(klog(n)) calls to a Pseudo-random number 
generator, such as the Linear Congruence Method, which requires only one 
integer operation per random integer. The cost £ rge of computing a random 
group element is present in most randomised algorithms for groups. Models 
for constructing a random group element without performing multiplications 
on permutations on (™) points are discussed in [7]. 

Our main result Theorem 2 shows that these simple and inexpensive 
procedures provide an effective way to find and identify elements of S n and 
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A n containing m-cycles from their actions on /c-element subsets. 

3 Statement of the main theorem and nota- 
tion 

In order to state our main theorem we introduce several parameters that are 
used throughout the paper. Suppose that the triple (G, n, m) satisfies one of 
the Lines of Table 1, and note that r is determined by G,n,m. The integer 
M used in the algorithm FindM Cycle is assumed to satisfy 

4<M<log(f)^. (2) 



Let d(x) be the number of positive divisors of an integer x. By [12, pp. 
395-396], d(x) = x olyl \ In fact, for every 5 > 0, there is a positive constant 
cs such that 

d(x) < c s x 5 (3) 
for all x. Choose real numbers 5 and s satisfying 

s 1, 1 M - 1 

< 5 < minil — s,-,s } and - < s < — — — . (4) 

1 ' 3 2 ; 2 M K J 

Further let 

i = min {M(l - s), 3 - 2s - 26, 1 + s - 35, 2s - 25} . (5) 

By (4), all of M (1 - s) > 1, 3 - 2s - 25 > 1, 1 + s - 35 > 1 and 2s - 25 > 1 
hold. Hence i > 1. Next we define the constant as by 

a,:=^l + 3^+f^) 2 V (6) 

with cs as in (3), and the constant bM,s,s, which we usually abbreviate to b M , 
by 



= (?) M + 72 a5cSr2 * +2i + 6 ' 24 a>4rM + ^ + (^) " ' (7) 
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The theorem involves an 'error probability' e, that is, a real number satisfying 
< e < 1. We assume that the integer n satisfies the following inequalities: 

( 12(W) s + 6 
n> { {rn) s \ogn (8) 
fiab M \ V(<-i) 



Theorem 2. Lei (G,n,m) be as in one of the lines of Table 1, and Zei k be 
a positive integer satisfying 2 < k < n/2. Let M be an integer satisfying (2), 
and let s, 5 be real numbers satisfying (4), and i as in (5). Then FindMCy- 
CLE is a Monte Carlo Algorithm which, given as input a permutation group 
H permutation isomorphic to G acting on k-element subsets of {1, ... ,n} 
(via the isomorphism tp : H — >■ G), an error probability e > and the integer 
M, returns an output h such that, provided n satisfies (8), 

(a) the probability that h G H and (p(h) contains an m-cycle is at least 
1-e, 

(b) the probability that h G H and tp(h) does not contain an m-cycle is at 
most e/2, and 

(c) the probability that h = FAIL is at most e/2. 

Notation 3. For the rest of the paper we assume that n,m,r and G are as 
in one of the lines of Table 1, noting that r is determined by G, n, m. Let M 
be an integer satisfying (2), let s, 8 be real numbers satisfying (4), and let 
£,cs,a$ and b M be as in (5), (3), (6) and (7) respectively 

Let S n act naturally on Q = {1,2, ... ,n}. Let k and ko be positive 
integers satisfying 2 < k < n/2, and 1 < k < k. A /c -element subset of Q 
is called a /c -subset. 

We use the notation in Table 2 to describe an element g G S n , where 70 
is a /^-subset of Q. Here we identify a cycle of g with the subset of Q it 
permutes. 



We define in Table 3 several classes of elements in G. We usually omit 
mentioning n and m in our notation. For example, we refer to M(n, m) 
(defined in Section 2) simply as Af and to M goo d{G,n,m) simply as M goo d- 
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Cfc (7o,fiO 


length of the g-cjc\e containing 70 on fc -subsets 


s- small g- cycle 


g-cycle in Q of length less than (rn) s 


s-large g-cjc\e 


g-cycle in Q of length at least (rn) s 


AO/) 


union of ^-cycles in Q whose lengths divide rm 


EG/) 


\ A(g) 




cardinality of A(g) 


U 


cardinality of 



Table 2: Table for Notation 3 



set of all g G S n that contain an m-cycle 
set of all g G M H G for which o(g) divides rm 
set of all g G G \ A/" such that m \ o(g) 
set of all g G T such that |A(g)| < 4{rn) s 
set of all (7 G J 7 such that |A(g)| > 4(rn) s and 
all g-cycles in A(g) are s-small 

set of all g G J 7 such that |A(g)| > 4(rn) s , exactly one 
<?-cycle C in A(g) is s-large, and \A(g) \ C\ > 3(rn) s 
set of all g G J 7 such that |A(g)| > 4(rra)' s , exactly one 
<?-cycle C in A(g) is s-large, and |A(p) \ C| < 3(rn) s 
set of all g G J 7 such that |A(g)| > 4(rra)' s 
and at least two g-cycles in A(g) are s-large 



Table 3: Families of Elements 



Remark 4. (a) The definition of as is not too critical. We simply need a$ to 
be greater than or equal to the right hand side of (6) for the values of rm we 
are considering, see Remark 24 and Lemma 25. For example, if rm > c l J^ s ~^ 
then we may take as = 25/4. 

(b) Currently Equation (8) limits the practical applicability of Theorem 2 
severely, but we note that in our analysis we allow k to be as large as n/2. The 
first two inequalities of (8) imposed on n are due to the subdivision of the set 
of permutations of order divisible by m into disjoint subsets which depend 
on s. We give a uniform proof that holds for all values of k in the range 
2 < k 7^ n/2. If, for example, k were bounded as n increases, then several 
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of the arguments would be simpler and the constraints on n correspondingly 
less severe. 

(c) The main constraint forcing n to be very large is the third inequality 
in (8). For example, for our parameter choice in Theorem 1, namely M = 
4, s — ^ and 5 = |, we have c$ < 138.32 and, for n large enough, as = ^. 
In this case we find &m > 2 • 10 8 and the last inequality of (8) dictates 
n > 3.3 ■ 10 112 /e 12 . Moreover, even though a larger value of M allows us to 
choose a smaller value for c$, the choice might result in a smaller value for 
£, which in turn has undesired consequences, making bu larger, and hence 
requiring n to be larger. 

4 Proof of the Main Theorem 

The proof of the main theorem, Theorem 2, relies on many supporting results. 
In this section we subdivide the proof into various parts and show how these 
parts are then brought together to give a complete proof. The individual 
parts of the proof are proved in later sections. The main idea of the proof is to 
divide the elements of S n that could possibly be returned by FindM Cycle 
into disjoint families, and to compute the probability that TraceCycle 
returns true for an element of each of these families. The families of elements 
in this subdivision are defined in Table 3, namely Af, 7Z, S , S^, S{ ,S> 2 , and 
we use the notation introduced in this table throughout the paper. 

Proof of Theorem 2 . We prove this theorem by analysing the algorithm 
FindMCycle. Let N = \hn log(|)] . A call to algorithm FindMCycle 
can terminate in one of three possible ways: 

(Q) For some i with 1 < i < N the i-th iteration of the for-loop returns an 
element in N '. We call this a good outcome. 

(£>) For some i with 1 < i < N the 2-th iteration of the for-loop returns an 
element which is not in M . We call this a bad outcome. 

(U) The for-loop is executed N times and TraceCycle returns false 
for each of the selected random elements. In this case the algorithm 
returns Fail. We call this an ugly outcome. 

Thus to prove the three parts of Theorem 2 we must prove 

Prob(£) > 1 - e, Prob(£) < e/2, Prob(W) < e/2. 
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Clearly any two of these inequalities implies the third. We shall therefore 
prove only Prob(i3) < e/2 and Prob(W) < e/2. To study these outcomes 
more closely we define the following events. 

Ei the i-th iteration of the for-loop is executed. Let gi denote the 

random element selected in the i-ih iteration. 
Gi event E { occurs, gi G M and TraceCycle^) = true 
Bi event E { occurs, gi ^ M and TRACECYCLE(gj) = true 
Ui event E { occurs and TraceCycle^) = false 

Note that Ei = GiUBiUUi and that Prob(£' 1 ) = 1. Further, for % > 1 we 
have that 

E i = u 1 n...nu i - 1 = u i - 1 . (9) 

Thus 

g = GiV G 2 V ...V G N 

B = Bi v B 2 y . . . V B N (10) 
U = U x A U 2 A . . . A U N = U N . 

Proof that Prob(W) < e/2: For a uniformly distributed random element 
g G G, let 

pi = Prob(TRACECYCLE(g) = false | g G M good ) 
p 2 = Prob(TRACECYCLE(g) = false | g N good ) 

and let p = —p\ + r -^— £ -p 2 , where p := p(G, n, m) (see Table 1), the proportion 
of elements of G containing an m-cycle that have order dividing rm. Note 
that, since the proportion of elements containing an m-cycle in S n is 1/m, 
we have Prob(# G M g0 od) = 

Given Ei, the event Ui is the disjoint union of the events Un, that 
gi G Mgood and TRACECYCLE(gj) = false, and U i2 , that gi ^ Af goo d and 
TRACECYCLE^) = false. Thus 

Prob(£/j I Ei) = — Prob(TRACECYCLE(gi) = false I g,-, G M qood ) 
m 

Tfl — 

+ — Prob(TRACECYCLE(gi) = false I g { 4 J\f qood ) 

m 

p m — p 

= —Pi H P2 = P- 

m m 
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Note, in particular, that this probability is independent of %. By (9) we have 
E{ = Ui-x, and hence Prob(^) = Prob(^)Prob(C/i | E t ) = Prob(^_i) -p. 
As this is true for all % with 1 < i < N, we have 



Prob(^) = p\ (11) 

and in particular, 

Prob(W) = Prob(C/jv) = p N . 

The required inequality Prob(W) < e/2 holds whenever p N < e/2. We now 
prove the latter inequality. By Proposition 22 we have 1 — p\ > {^-) 
Therefore, 

p m — p p , . p f n — 2\ M . . 

p < JL pi + fL = \-f- (1- Pl )<l-£ . 12 

m m m n \ n J 

Now N = [5nlog(f)] = P^ffi""^ ] , and so by Lemma 7, (1 - ±) N < e/2. 
Thus < e/2 holds if l-£ (^) M < 1-^, or equivalent^, if (^) M < bp. 

Since p > 9/40 (see Table 1), it is sufficient to prove that (^zq) M < §• By 
our assumption, M < log(|) ^^p, and hence 

M log (^2) = M log i 1 + dh) £ M dh £ l0( 

and exponentiating both sides gives the required inequality. Thus p N < e/2 
and hence Prob(W) < e/2 is proved. 

Proof that Prob(i3) < e/2: Recall the definition of B in (10). Note that, if 
TraceCycle(^) = true, then o(g) is divisible by m. Thus, by the definition 
of J 7 , for a uniformly distributed, random element g € G, 

q := Prob(g G T and TRACECYCLE(g) = true) (13) 
= Prob(g ^ M and TraceCycle(^) = true). 

Now, for all i with 1 < i < N, we have that 

Prob(_B, I Ei) = Prob(5»i ^ J\f and TRACECYCLE(gj) = true) = q. 
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Hence Prob( J B i ) = Prob( J E i )Prob(S i | E { ) = Prob( J E i ) q. If i > 2 then 
?7j„i by (9), and so by (11), Prob(-Bj) = p l ~ 1 q. Therefore, 



N N 



Prob(S) = ^Prob(5i) = 

i=l i=l 

= ^<T^. (14) 
1 — p 1 — p 

The most substantial part of the paper is devoted to finding an upper 
bound for q. It follows from Table 3 that 

Hence 

q = q{K) + q(S ) + q(S+) + q(S{) + q(S> 2 ), 

where 



q(K) 


= Prob(g G 7Z and TRACECYCLE(g) = 


true) 


q(So) 


= Prob(g G S and TRACECYCLE(g) = 


: true) 


q(st) 


= Prob(g G and TraceCycle(^) = 


= true) 




= Prob(g G <Sf and TraceCycle(#) = 


= true) 


q(S> 2 ) 


= Prob(g G S> 2 and TRACECYCLE(g) 


= true). 



Table 4: Subdivision of the probability q of (13). 



We estimate these proportions in Sections 8 - 11. Recall the definition of i in 
(5), and that t > 1. Define b M {1Z) = (^f ) M and note that q{1Z) = Prob(g G 
7Z) ■ Prob(TRACECYCLE(g) = true | g G 1Z) < Prob(TRACECYCLE(g) = 
true | g G TZ). Then Proposition 20 gives 

Define 6 M (<So) = ascjr 2s+25 72. Then Proposition 26 and (3) give 

/ c \ . M^o) , Mgo) 
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Define &a/(£i~) = asc^r 35 6.24. Then Proposition 27 and (3) give 

Define &m(5>2) = c 2 5 r 2S ~ 2s . Then Proposition 28 gives 

Define 6 A /(5f ) = (^§7)^ • Then Proposition 29(b) yields 

Thus by (7), 

M^) + hi(So) + 6 A/ (5+) + b M (S> 2 ) + b M {Si 
< (f ) M + a sC y^72 + a&»*M + - J^ + 



,2 / 01 \ Af 



and 

<?<— • 15 

rr 

Remark 5. We make a critical observation that the argument up to this point 
relies only on the first two inequalities of (8), and does not depend on the 
third inequality of (8). 

By (15) and the inequalities (14) and (12), we have that 



Prob(£) < 

< 



Q 



P 

b M 



n 



i p 



7 / \ Af 

b M I n 



p \n — Z J n 



-1 ' 
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We showed above that (^) < § < 5p. Thus Prob(i3) < |f^. By 

assumption n > ^l^hi^ 1 ^ 1 ^ and so this is at most e/2. Hence Prob(i3) < 
e/2. 

□ 

The proof of Theorem 1 requires a short argument applying Theorem 2. 

Proo/ 0/ Theorem 1. We use the algorithm TraceCycle with M = 4. Note 
first that the probability that a random element h E H corresponds to an 
element g E G containing an m-cycle, given that the /i-cycles containing four 
random fc-subsets Ai, . . . , A4 all have lengths of the form r^m with r, | r, is 
Prob(g G M I Trace Cycle (g) = true). Recall the definition of q in (13). 
Then 

Prob(g G M | TRACECYCLE(g) = true) 

Prob(g G M and TRACECYCLE(g) = true) 

Prob(TRACECYCLE(g) = true) 
Prob(TRACECYCLE(g) = true) - q 
Prob(TRACECYCLE(g) = true) 

= 1 Q - 

Prob(TRACECYCLE(g) = true) 

> 1 I 

Prob(g G M good and TRACECYCLE(g) = true) 

= 1 1 

Prob(TRACECYCLE(^) = true | g G M good ) ■ Prob(# G Mgood) 

Set s = f, 8 = ± and let £ = 1 + f. Note that £ = min{M(l - s), 
3 — 2s — 25, 1 + s — 35, 2s — 25}, so in particular the inequalities (4) and (5) 
all hold. We choose Nq to be the least natural number for which inequality (8) 
holds. Hence the inequality (2) holds and in particular also 12(rn) s + 6 < n 
and (rn) s log(n) < n. 

Inequality (15) holds by Remark 5, so we have q < ^f, where, since 
M = 4, the constant 64 given by (7), satisfies 
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By Proposition 22 we have that Prob(TRACECYCLE(g) = true | g G 
Mgood) > (^) 4 . Also, by Equation (1), Prob(3 G Af good ) = <^A, Hence, 
using n > N , and the displayed inequality above, we have 

Prob(# G M | TRACECYCLE(g) = true) 



> 1- M 



7 / \ 4 



n 



1+ l \n — 2 J p(G,n,m) 



J5i_V_»! -1 = 1- = 

\Nq-2J p(G,n,m) n \ n * ' 



where c=(^) 4 ^A_. 



□ 



5 Preliminaries 

It is useful to collect together some of the arithmetic facts we use in the 
rather delicate estimations in the remaining sections. 

Lemma 6. Let n,m,r be as in one of the lines of Table 1, and let d be a 
divisor of rm with d < n. Then either d = m, or d < 2m/7, or r, d are as in 
Table 5. 



1 

2 

3 



m 

3 

3m 
5 



2 

2m 

5 
3m 

7 



2m 
3 



Table 5: possibilities for r and d 



In particular, either d < 2m/ 7 or d is one of at most 3 different divisors of 
rm greater than 2m/7 and in the latter case d < 2m/3 < 2n/3. 
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Proof. We have d = r oy ; where r$ divides r and j divides m. If j — 1 
then d = m since 2m > 2(n — 6) > n. So assume j > 2. Assume also 
that d > 2m/7, or equivalently 7r > 2j. If m is even, then (see Table 1) 
r = 1. Hence r = 1 and j < 2. Thus d = m/2 or m/3 as in Table 5. So 
assume now that m is odd, so j > 3. If j = 3 then we have the examples 
(r, d) = (1, f ), (2, f ), (1, ?jp) in Table 5 and no others since if r = 3 then (see 
Table 1) gcd(m, 6) = 1. Now assume that j > 5. Then ro > 1 and we find 
(r, d) = (2, (3, ^f), (3, 2p) in Table 5 and no others (since gcd(m, 6) = 1 
when r = 3.). □ 

The next result follows from the fact that log(l — p) > —p for < p < 1. 

Lemma 7. Let e,p be real numbers such that < e < 1 and < p < 1. .Set 

"log( £ -^ 



7V( £ ,p) := 
J/m > iV(e,p) t/ien (1 - p) m < e. 



V 



Lemma 8. Let s be a real number with \ < s < 1 and n, r, t positive integers 
such that 12(rn) s + 6 < n. Then 

(i) m s /n < n s /n < (rn) s /n < 1/12. 

(ii) n > 156. 

(Hi) 2{rn) s -t > ^{rn) s . 

(iv) if s = 2/3 then n > 1746. 

Proof, (i) This follows directly from 12(rm) s < 12(rn) s < 12(rn) s + 6 < n. 
(ii) As s > 1/2 and r > 1 we have 12^/n + Q < \2^frn + 6 < \2{rn) s + 6 < n. 
An easy calculation shows that this implies n > 156. (iii) Note that n > 156 
implies n s > n 1/2 > y/l56 > 12 and so 2(rn) s - t = (2r s - -^)n s > (2r s - 
±)n s = ^f±n s > ^r s n s . (iv) By calculator. □ 

The next inequalities are easily verified. 

Lemma 9. Let iel with x > 12. Then 

(a) x {\) x < and 
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For the estimates in our last arithmetic result Lemma 11, we first restate 
how to estimate sums via integrals. 

Lemma 10. Let a,b G Z with a < b, and let f(x) be a function defined on 
the interval [a — 1, b + 1], satisfying one of the lines of Table 6. Then 

£/(*)< [ b+£ f(t)dt. 



conditions on / 5 e 

increasing in [a, b + 1] 1 

decreasing in [a — 1 , b] 10 

non- negative in [a — 1, b+ 1] and for some c G (a, b) 1 1 
decreasing in [a — 1, c] and increasing in [c, 6+1] 



Table 6: Conditions of / 



Lemma 11. Let a,c G M + and n G Z + wit/i n>a>c + 2>3, and Ze£ 
t, £ G Z + u>z£n £ > 2 and t > £. Then, summing over integers x in the interval 
(a,n\, 

^ ^ ft\ c'-Ha - 1 - c) l+1 - £ 



(x — cY ^— ' \i 7 £ — z — 1 

a<x<n v ' i=0 



i+1 



Proof. Note first that if £ > £ the function /(x) = ^r^yr is decreasing on 
fa, and increasing on [tzj, n], while if £ = £ then /(x) is decreasing on 



t-£i 



(a, n]. In either case, by Lemma 10 we have ^2 a<x<n f(x) < J n ^ f(x)dx 
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Now 



n+l x t 



-Ax 



,-i 1+ c 



n+l— c 



a— 1— c 



(j/ + c) 



n+l — c * 



a—l—c 



i=0 



E 



EC 

i=0 



n+l— c 



a— 1— c 



E 



_0<i<t,i^i-l 



t 



i + l-£ + \£-l ] 



logy 

n + l - c) i+1 " £ - (a - 1 - c) m 



n+l— c 



y=a— 1— c 



i + 1 



0<i<t,i/£~l 

+ 1 1 1_ A c t+l -\\og(n + 1 - c) - log(a - 1 - c)) 



8=0 



+E 



£-2-1 

+ 1 - c) i+1 " 
i + 1 -I 



□ 



6 Binomial inequalities and partitions 

In this section we prove a result about partitions that will be needed in 
Sections 11 and 7. As preparation, we prove an inequality about certain 
binomial coefficients. 

Lemma 12. Let a be an integer such that a > 1, and let c,£ be integers such 
that 1 < £ < c. Then 

' ca — 1\ /c\ ^ ( ca N 
a — 1 

Proof. The proof is by induction on £, for fixed c, a. Since = ( ° J and 
(&D = ((c-£)a)' ^ * s sufficient to prove this for 1 < £ < \c/2\. Suppose first 
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that £ = 1. Here it is straightforward to check that 

ca — 1\ / c\ / ca 
a - 1 / VV~ V a 

Now suppose that 1 < £ < [c/2\ and that the inequality holds for £. Then, 
using induction we have 

ca — 1\ / c \ (ca — 1\ (c\ c — i ( ca\ c — 

< 



a-lj\£+lj \a-l J \£J £+1 ~ \£aj £+1 
This latter quantity is at most (^^J if and only if 

£+1 (£a)!(ca-fe)! ~ (^a + a)!(ca - - a)! 1 ' 

and this is equivalent to 

c — £ ^ca — la ca — £a — 1 ca — £a — a + 1 



£ + 1 ~ £a + a £a + a-l £a + 1 

Now the first factor on the right hand side is equal to (c — £)/(£+ 1), and 
each of the other factors is at least 1 since c > 2£ + 1 . Thus the inequality 
(16) holds, and so the induction proof is complete. □ 

Lemma 13. (a) For 2<k<d<nwe have 

d\ f d\ k fn 



. < - , 

k I \ n I \k 



and moreover, if d < an for some a < 1 then 



(fc) ^ k-id-k+1 ^ k 
©" n-k + l~ a - 



(b) For 2 < k < 2n/3 we have 

ffc/21 



(i:; 2 2 ])<<:)(S) 
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Proof. Every part of the proof depends on the following observation: 

Fact 1: For < % < t < n with i < n we have -^4 < - with strict inequality 

— — — n—i — n 

if t < n. 

For (a) observe that 



fv\ fc— 1 ■ fc— 1 

^ = TT— <TT-=f- 



1 = 8=0 

If d < an for some a < 1 then 

fd\ /fc-2 , A , , , h /fc-2 



(J [ TT ^ _ M d — fc+l /yran — i\ d — k + 1 

Now, again by Fact 1, (an — i)/ (n — i) < a and — n — a ' anc ^ t nere f° re 

d) ^ k-\d-k + l ^ k 
< a < a 

ffl- 

For (6) let n = [n/2\ and fc = [k/2\. Note then that 

© n (n - 1) ■ ■ ■ (n - k + I) 

~Q ~ „( n -l)...(n-Jfc + l) + 

-pr n - z _ -j-r k + fc - j 

i=0 j=fc J 

Now k + ko < 2n/3 + n/3 < n. Applying Fact 1 with t = no to the first 
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product and with t = k + k to the second, we obtain 

(n \ feo-1 k-l , , 

\k ) TT — TT + 

\kJ i=0 j=k 

no\ ko ( k + k^ k - k0 
n J \ n 

1 \ k ° { 3k^ 



2) \2n 

3 r^/2i /^\T fc / 2 i 



< 



2 k \n 
2 ■ 3^/21 / k \W^ 



Note that the first inequality is strict if either ko > 2 or k — 1 > ko, that is, if 
k > 3. If k = 2 then (J) = [n/2\, while 2© (g ) rfc/21 = §(n - 1) > Ln/2J. 
Thus (b) is proved for all k. 

□ 

Lemma 14. Let d, k, t be positive integers and a > such that k < d and 



t 



< a. Then 



d-k+l 

(d + t)(d + t - 1) . . . (d + t - k + 1) 
< d(d — l)...(d — k+ 1)(1 + ( 1 + a) ^ 



a(d - fc + 1) 
Proof. Note first that 

(d + t)(d + 1 - 1) . . . (d + 1 - k + 1) 

= d(l + 3)(d-l)(l + 7 -l_)...(d-A; + l)(l + 



24 



Set x = d _l +1 , so < x < a. Then 

d+*>' = E(J)* , = 1 +*E(}) a, '" sl+I SC) '" 1 

5=0 VJ/ 

□ 

Now we state and prove the result on partitions. 

Proposition 15. LetlA be a finite set of size u > 1, and let V be a partition 
of U in which all parts have size at least 2. For 2 < k < u, let N-p(ko) 
denote the number of k^-subsets of U that are unions of parts of V . Then 
N-p(ko) < (n^/2|) ; o,nd moreover, if k is odd and u is even, then u > 4 

and N-p(k ) < (^~^ly 2 )- ^ n particular, Np(k ) = 1 if k = u and N-p(k ) < 

^zj(^) otherwise. 

Proof. First we construct a partition V' of U having at most two parts of 
size 1, and all parts of size at most 2. Start with V' — and run through 
the parts of V. For each part P G V of even size, choose any partition of 
P with all parts of size 2, and add the parts of this partition to V . If all 
parts of V have even size, then the construction of V 1 is completed in this 
way. So suppose that V has at least one part of odd size. In this case V' 
will have 1 or 2 parts of size 1, and its construction is completed as follows. 
For each part P G V of odd size p := \P\, add (p — l)/2 parts of size 2 to V' 
formed from p — 1 of the points of P. Let Pi, . . . , P r be the odd length parts 
of V. Pair up the remaining r points into parts of size 2 and add them to 
V, leaving exactly 1 or 2 of these points to form singleton parts of V . 

Next we define, for each fco-subset rjofU that is a union of parts of V, a 
fco-subset t]' that is a union of parts of V' . Note that if ko is odd then t] must 
contain a part of V of odd size, and in this case V' has one or two singleton 
parts. If ko is odd and V has two singleton parts, then we choose one of 
them, and we always place this chosen singleton part in rj '. To define ?/ for 
a given rj, we start with r( = and build it up by considering in turn each 
of the parts PofV contained in rj. If \P\ is even, then P is a union of parts 
of V of size 2, and we add all of these parts to rj'. If \P\ is odd, then we add 
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to rf all the parts of size 2 of V 1 contained in P. At this stage \r)'\ = ko — £, 
where £ is the number of odd sized parts of V contained in 77. Next we add 
to 7]' up to \£/2\ parts of V of size 2 that contain points from two different 
parts of V. If rj' cannot be completed in this way then either (i) £ is odd, or 
(ii) £ is even and is equal to the number of odd sized parts of V . Case (i) 
occurs if and only if ko is odd, and here we add to rj' the designated singleton 
part of V . In case (ii) there are two singleton parts of V, and we add to 7/ 
these two singleton parts. 

Note that, if i > 2, then we may have had some freedom in choosing the 
\_£/2\ parts of V of size 2 that contain points from two different parts of V, 
so 77' may not be determined uniquely by rj. On the other hand, 77' always 
determines 77 uniquely, since r] is the union of the parts of V that have at 
least two points in rj . Thus distinct sets r\ correspond to distinct sets rj . 

It follows that N-p(ko) < N' where N' is the number of /co-subsets 7CW 
such that 7 is a union of parts of V and in addition, if ko is odd and V 
has two singleton parts, then 7 contains a designated one of these singleton 
parts. 

Suppose that 7 is such a /c - su bset. If V has at most one part of size 1, 
then 7 contains |_^o/2j of the parts of V of size 2 (and also a singleton part 
if k is odd). Thus N' < ( 1*0/21 ) ■ Note that in this case, if k were odd, then 

V would have at least one odd part, and so V would have exactly one odd 
part, whence u would be odd. Thus the first assertion is proved in this case. 
So suppose that V has two singleton parts, in which case u is even. If k is 
odd then ko > 3 and 7 consists of [ko/2\ of the parts of V of size 2 and the 
designated singleton part, whence u>A and N' < {^~^ly^) < (n^/2j)- O n 
the other hand, if ko is even then 7 consists of fco/2 of the two-point parts (or 
k /2 — 1 parts of size two and the two singleton parts). Again N' < (^^j)- 
This proves the first assertion in all cases. 

Note that \u/2\ = \_ko/2\ if and only if either ko = u, or k = u — 1 with 
u odd. If ko — u obviously N-p(ko) — N' — 1. If ko — u — 1 with u odd then 

V has a unique part of size 1 and its complement is the unique /co-subset of 
U that is a union of parts of V - it may or may not be a union of parts of 
V.ThusN v (ko)<N' = l<^C o ). 

So suppose from now on that [/co/2j < [u/2\, and set Ui = [u/2\ and 
ki = [k /2\. Then (^ /2j) = (Ii)' arL( ^ by Lemma 12, this is at most 
2ui-i Gfc 1 ) • ^ ^° anc ^ u are even ' then ko < u and this quantity is at most 

(J).' If ko is even and u is odd, then 2 < k and 5^1 g£) = ^C^ 1 ). 
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This in turn is at most ^ty(^ )- Now suppose ko and u are odd. Then 
LV2J < [u/2\ implies k < u- 2, and = ^(^\) which is at 

most ^-j- J . Finally consider ko odd and u is even. As shown above u > 4 

and iV' < Qi^iy^}- By Lemma 12, this is at most ~3(^,~ 2 i)) which in turn 
is at most _i T («). □ 

For a prime p and an integer n, let n p denote the p-part of n, that is the 
highest power of p dividing n. Recall that, for a positive integer ko < n, a 
fco-subset 7' of f2, and an element g G £„, we denote by Ck (j',g) the length 
of the g-cycle containing 7' in the action of g on /co-sets. 

Lemma 16. Lei g G S n , tei C be a g-cycle of length t, let k Q be a positive 
integer such that ko <t and let p be a prime dividing t. 

(a) Suppose that 7' is a k -subset of C such that the p-part t p does not 
divide 0^(7', g). Then 7' is a union of Z(C,p)- orbits, where Z(C,p) is 
the subgroup of order p of the cyclic group (g c ) = Z t induced by g on 
C. In particular p divides gcd(&o, t). 

(b) The number o~(ko,C) of ko- sub sets 7' of C such that t p does not divide 
c k (l',g) is at most {}j^%\)> an< ^ ^ n P ar ^ cu ^ ar , is 1 if ko = t, and at 
most thikj ifk <t. 

Proof, (a) Since t p does not divide Ck (j',g) and (g c ) = Z t , it follows that 
the setwise stabiliser H of 7' in (g c ) contains the unique subgroup Z(C,p) 
of (g°) of order p. As 7' is //-invariant, 7' is a union of if -orb its in C, and 
hence 7' is a union of Z(C, p)-orbits in C. In particular, p divides k as well 
as t. 

(b) If ko = t then C is its unique /co-subset and a (ho, C) = 1. If fco < t 
then, by Proposition 15, a(k ,C) < (i^/^j) an( ^ a ^ so a (ko,C) < ^zi( fc * )- □ 

Corollary 17. Let G,n,m,r be as in one of the lines of Table 1, and let 
g G G. Let be as in Table 2 with u = and let ko be a positive 

integer such that ko < u. Then the number a(ko,H(g)) of ko-subsets 7' of 
£(<?) such that 0^(7',^) divides rm satisfies 

(0 if ko = l 

<r(ko, E(g)) < < 1 if ko = u 

VMO ifl<ko<u. 
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Proof. For each g-cycle C in by the definition of |C| does not 

divide rm, and hence there exists a prime p(C) such that |C|p(c) does not 
divide rm. Let Z(C,p(C)) denote the subgroup of order p{C) of the cyclic 
group (g c ) induced by g on C, let V(C) denote the set of Z(C,p(C))-orbits 
in C (all of length p(C)), and let V = UcV(C) denote the corresponding 
partition of 

Suppose that 7' is a fco-subset of and for each g-cycle C in £(#), let 
fc(C) = |7'nC|. Then Ck (j', g) is the least common multiple of Ck(c)(l'^C, g), 
over all ^-cycles C such that k{C) 7^ 0. Note that ^(YnC,^ divides |C|. 

Suppose now that 0^(7', g) divides rm. Then for each C such that fc(C) 7^ 
0, also Cfc((7)(7'nC,5) divides rm, and hence |C| p (c) does not divide c^c)(l'^ 
C, g). By Lemma 16, 7' fl C is a union of parts of V(C). Thus 7' is a union 
of parts of V. Since all parts of V have size at least 2, this implies that 
a(ko, S(flO) = if fco = 1, and the inequality for 1 < A; < m follows from 
Proposition 15. □ 



7 Tracing /c-subsets 

For the remainder of this paper we assume that k is an integer with 2 < k < 
n/2. We use A(g), E(^) and other notation introduced in Tables 2 and 3. 
Further, we use without further reference the number M of independent 
uniformly distributed random /c-subsets in Algorithm 2 TraceCycle, where 
M satisfies (2), in particular M > 4. 

Proposition 18. Let G,n,m,r be as in one of the lines of Table 1, and 
suppose that g G G does not contain an m-cycle. Set v = \A(g)\ and suppose 
that v < n — k — 1. Then the proportion of k-subsets 7 of Q such that 
c k(l,g) = tqtti, for some ro dividing r, is at most \ + n _ 1 v _ 1 ■ 

Proof. Set u = n — v = \T,(g)\. Suppose that 7 is a fc-subset of fl such 
that Cfc(7,(?) = r m for some r dividing r, and set ko := I7 fl ^(g)\. Then 
fco < minj/c, u}. By assumption, v < n — k — 1 and sott = n- t;>li; + l and 
k < min{k,u} = k. Also Ck (l H £(<?), g) divides 0^(7,^), and hence divides 
rm. By Corollary 17, the number a(k ,T,(g)) of &o-subsets 7' of £(#) such 
that ci eo ('Y,g) divides rm is if ko — 1, 1 if A;o = and at most ^77 (^ ), 
otherwise. If ko — then 7 is one of the (?) /c-subsets of A(p). Thus the 
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number of possibilities for 7 is at most 



< 



J + Y>(^( 9 ))( 

7 fco=2 V U 



v \ 1 \— v u \ n — u 



k J u — 1 ^— ' \ fcn / V k — k ( 

kg=2 



'v\ 1 fn 
< 1,1 + 



fcy u — l\k 

Now u — 1 = n — v — 1, hence the above is (^) + w _^_ 1 m . By Lemma 13(a), 
(^) is at most (v/n) k (2), which completes the proof. □ 

Lemma 19. Let G,n,m,r be as in one of the lines of Table 1. Let g be 
a uniformly distributed random element of G, and suppose that g does not 
contain an m-cycle, and that v = |A(g)| < n — k — 1. Then the following 
both hold. 

(a) Prob(TRACECYCLE((7) = true) < 2 M + (^n) M 

(b) Prob(TRACECYCLE((7) = true) < 16 max { (^) 4 , (^r) 4 } • 

Moreover, if3<v<n-3 then Prob(TRACECYCLE(g) = true) < 16 (^) 4 . 

Proof. Now TraceCycle(^) = true if and only if 0^(7, g) = r^m, for some 
ro dividing r, for each of the M independent uniformly distributed random 
/c-sets 7 tested during the algorithm. Thus if g does not contain an Tri- 
cycle, the probability that TraceCycle(^) = true is p M , where p is the 
proportion of fc-subsets 7 such that 0^(7, g) = r§m for some ro dividing r. By 
Proposition 18, p < ^ + n _ l v _ l ■ Note that p M < p A since p < 1 and M > 4. 
Set x = £ and y = If x < y then (x + y) M < (2y) M = 2 M y M , and 

similarly if x > y then (x + y) M < 2 M x M . It follows that p M < 2 M (x M + y M ), 
proving part (a). 

For (b), we observe that 

p M < p A < (x + y) A < (2 max{x, y}) A = 16 • max{x, y} A . 

Part (b) follows on noting that x < v/n (since v < n). Finally suppose that 
3 < v < n — 3. Then n>v + 3>v + 2 + so n(v — 1) > v 2 + v and hence 
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(n — v — l)v > n, that is, - > -, rr. The last assertion now follows from 

part (b). □ 

Now we analyse the effect of TraceCycle applied to elements of 1Z. 

Proposition 20. Let G, n, m, r be as in one of the lines of Table 1 and 
suppose that 12(rn) s + 6 < n. Then, for a uniformly distributed random 
element g G G, 

( 33 \ M 

Prob(TRACECYCLE(o) = true I g G 1Z) < — - — 

\8rr~ s / 

Proof. By definition, for g G 7Z, v — |A(g)| < 4(rn) s and g does not contain 
an m-cycle. By our assumptions on n and k and the hypothesis, we have 
n — k — 1 > n/2 — 1 > 4(rn) s > v. 

Thus by Proposition 18, the proportion of fc-subsets 7 such that 0^(7, g) = 

r m, for some r dividing r, is at most ^4 H — r < ^ \, H ,/ ^ T . 

Now TRACECYCLE(g) = true if and only if 0^(7, g) = r m, for some r 
dividing r, for each of M independent uniformly distributed random /c-sets 
7 tested during the algorithm. Thus, given g E 1Z, the probability of this 
occurring is at most 

(4r s ) fc 1 



n k{l s) n _ 4( rn )s _ I 



Now 12(rn) s < n, that is to say, ^7 < ^. Also A; > 2, r < 3 and s < 

r s n l ~' 

TRACECYCLE(g) = true is at most 



1. Therefore (^f=^) k < (^t=t) 2 < 3 rS- a < n^ 7- Also, by assumption, n — 
4(rn) s — 1 > 8(rn) s + 5 > 8r s n s > 8r s n 1_s . Therefore, the probability that 



\ M < / 33 



n l-s g r s n l-s / \ 877,1- 



□ 

Next we analyse the effect of TraceCycle applied to elements of M goo d 
(defined in Table 3). 
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Lemma 21. Let G,n,m,r be as in one of the lines of Table 1, and let ko 
be an integer satisfying < k < k. Let g G M and let C be the m-cycle 
contained in g. Then the number of ko- sub sets of C that can occur as 7 fl C , 
for a k-subset 7 of Q such that 0^(7, g) is not divisible by m, is at most 



' 1 




if ko = and k < n — m 
if gcd(m, ko) = 1 or if 
ko < k — n + m 
w(gcd(m, fco)) (£/2j) */ g cd ( m ; k ) > 1 and 

ko > max{l, k — n + m} 



where u(d) is the number of distinct prime divisors of an integer d. 

Proof. Let a' be the number of /^-subsets of C that can occur as 7 fl C, for 
a fc-subset 7 of Q such that ^(7,^) is not divisible by m. Note that, if 7 is 
such a /c-subset, then j\C is contained in the complement C of C and hence 
& = I7I < ^0 + \C\ = ko + n — m. Thus if ko < k — n + m then cr' = 0. Also 
if k = > k — n + m, then 7flC = 0socr'<l. Suppose now that fco > 
and ko > k — n + m, that is, &o > max{l, k — n + m}. 

Let 7 be such that 0^(7,(7) is not divisible by m. Then Cfc (7 fl C, g) 
properly divides m, and hence there exists a prime p dividing m such that 
the p-part m p does not divide Cfc (7 fl C, g). By Lemma 16(a), p divides 
gcd(m, ko) (and in particular if gcd(m, ko) = 1 then a' = 0). If such a prime 
p exists then, by Lemma 16(b), the number of /co _su bsets '-/HC such that m p 
does not divide Cfc (7 fl C, g) is at most ({^^j)- Finally there are at most 
w(gcd(m, /co)) primes p to consider, and the proof is complete. □ 

Proposition 22. Let G,n,m,r be as in one of the lines of Table 1 and 
suppose that g G M goo d, and 12{rn) s + 6 < n. Then the proportion of k- 
subsets 7 of Q such that 0^(7, g) 7^ mro, for any ro dividing r, is at most 




where <7fc is as in Lemma 21. Moreover, for a uniformly distributed random 
element g G G, 

Prob(TRACECYCLE(g) = true | g G N goo d) > 
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Proof. Let C denote the m-cycle in g and let 7 be a fc-subset of f2 such that 
c k(l,g) 7^ mr o for an y r o dividing r. By the definition of M goo d, this implies 
that Cfc (7 (lC,j) is not divisible by m, where k = \jf]C\. Now < k < 
min{/c, m} = k, and moreover ko > k — (n — m) since 7 C (7 fl C) U (fi \ C). 
Given 7 D C, there are at most (j?Z^) choices for 7 \ C. Hence, by Lemma 
21, the number of such fc-subsets 7 is at most 

e -Cm) ^ 

fco=max{fc— n+m,0} 

where a = 1, and a ko = w((gcd(m, k )) ([^j) for ^0 > 0. Now 

o;(gcd(m, fc )) < w(A; ) < v^o < v^2A; (see for example, [12, p. 395]). 

Hence, X < v^fc £j 0=max{fc _ n+m , 0} ©2]) and b y Lemma 13 ( b )' we 

have, 




Now we consider the final assertion. Note that TRACECYCLE(g) = true 
if and only if, for each of the M independent uniformly distributed random 
/c-subsets 7 tested, we have 0^(7, g) = r^m for some ro dividing r. The class 
Ngood is, for some lines of Table 1, a union of several conjugacy classes of 
elements of S n , say Af goo d = UcN(C). For g £ A/"(C), the proportion p(C) 
of fc-subsets 7 of fl, such that 0^(7, (7) 7^ r m for any r dividing r, may 
depend on the class C, although, as we have shown above, p(C) < p for all 
C. Thus, given g E M{C), the probability that TraceCycle(^) = true is 
(1 -p(C)) M > (1 -p) M . This implies that 

Prob(TRACECYCLE(5() = true | g E N good ) > (1 - p) M . 
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Thus to complete the proof it is sufficient to prove that p < - for some upper 
bound p of X/Q). 

Note that, by Lemma 8(h), m > n — 6 > 150. Suppose first that 4 < 

— x 3x 

k < We consider the function F(x) = (^) 2 = e2 log 3^ on the interval 
[4,2]. Note that J| < £ < 1 and \ < [f] , so F(k) > (H)^ 1 , and hence 
p < y/8k~F(k). Differentiating we have F'(x) = F(x)\ (log(J^) + l) , and 
since F(x) > for x > 0, it follows that F(x) has a unique minimum at 
log = — 1, that is, when x = 4^ (which may or may not lie in the interval 
[4, |]). Thus the maximum of F(x) on the interval [4, ^] occurs at one of the 
endpoints. We claim that max{F(4), F(|)} < -^j^- It follows from a proof 
of this claim that p < \^8kF(k) < V8k-^j2 < f , since & < f ■ 

Since m > n — 6 > 150, we have m 2 > 9n 3 / 2 , which implies that F(A) = 
(±) 2 < ^. Also J| < | + £ < I and n 3 / 2 < 2"/ 4 . Then, applying 
Lemma 9(a), we find 

n A /3n\" /4 /1\" /4 1 
F( 2> = (taj < UJ 

proving the claim for k > 4. For the remaining cases where k = 2 or 3, note 
that w(gcd(m, & )) < 1 for 1 < k < 3, Ofc = when ko = 1, n > 156, and 
n — m < 6. If = 2 then by (17), 

A < g) | • (o) < 15-2 1 _m_ 12 

" G) - 155 n n-l n n" 

If = 3 then, again by (17), 

x_ , s + (?i + (!fi 

" © G) 

20-6 1 3-m(6 + l) 1 2 
< ■ - H • - < -. 

154 • 155 n 154(n - 1) n n 

□ 

8 Bounding So 

Let G,m,n,r be as in one of the lines of Table 1, so G is A n or S* n . To 
estimate the probability of a uniformly distributed random element g G G 
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being in <S or Sj~, and TraceCycle((?) = true we use the following result 
from [9]. Recall the definitions of an s-small and an s-large cycle and of 
v from Notation 3. Let i G {1,2,3}. In the next two sections we use the 
following notation: 

Notation 23. 1. For v > 1 let P(v,rm) denote the proportion of elements 
of S v of order dividing rm, and let P(0, rm) = 1. 

2. For v > 1 let -Po( w ; rm ) denote the proportion of elements of S v of order 
dividing rm, all of whose cycles are s-small, and let P (0,rm) = 1. 

3. Let Pi{v , rm) denote the proportion of elements g G 5^ of order divid- 
ing rm, and such that g has exactly one s-large cycle of length d, say, 
where in addition, d satisfies {rn) s < d < v — 3(rn) s . 

4. Let D denote the set of all divisors of rm which are at most n. 

5. Let Df(v) denote the set of all divisors d of rm satisfying (rn) s < d < 
v — 3(rn) s . 

Note that r = 1 or r is a prime. Hence the number d(rm) of positive 
divisors of rm is at most 2d(m), as <i|rm if and only if either d\m or d = rd 
and <io| m - 

Remark 24. The following result is essentially [9, Lemma 2.4]. Suppose that 
s, 5 and cs are as in Notation 3. In particular, s > S. In Lemma 25 we 

may use as a' s any constant such that a' s > | (1 + 3 ^^ S _ A - + 1 ) f° r 

all sufficiently large values of rm, say rm > mo- These conditions hold in 
particular for a' s ,mo in one of the lines of Table 7. Note that, for the proof 
of Theorem 2, we have n > 156 by Lemma 8(ii), so rm > 150, as in line 2 of 
Table 7. 





m 


25/4 


!/(«-«) 


as in (6) 


150 



Table 7: Possible values of a' s for Lemma 25 
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Lemma 25. Let m,n,r be as in one of the lines of Table 1. Further, let 
v > 16 and s, 5, c$ and as be as in Notation 3. Let a' s and m be as in one 
of the lines of Table 7 (or more generally as in Remark 24) and suppose that 
rm > niQ. Then 

, , „ . . a':d(rm)r 2s n 2s 

(a) P (v,rrn) < — { . 

(b) If3(rn) s < v then P (v,rm) < ^ ' ^ . 

v(v — (rn) ) d 

(c) P 1 + (i;,rm)= -P (v — d,rm). 

d£D+(v) 

Proof. This result follows from [9, Lemma 2.4] and its proof. A direct ap- 
plication of [9, Lemma 2.4] would require that rm > v, which we cannot 
guarantee to hold. However, the proof of that lemma shows, without the 
assumption that rm > v, that 

d(rm)(rm) 2s (l + 3cs(rm) s " s + (cs(rm) s ~ s ) 2 ) 
Po[v,rm) < 



v(v- 1)0 -2) 

whenever v > 3. Statement (a) follows from this, since m < n, 5 < s and, 
for v > 16, v(v — l)(v — 2) > |w 3 . To prove (b) we let D s denote the set of all 
divisors d of rm such that d < min{f , (rn) s }. By [9, Lemma 2.3(a)] we have 
that Pq(v, rm) = - J2deD ^o( v — d, rm), where Po(j, m) = for j < 0. Since, 
using Lemma 8(ii), v — d > 3(rn) s — (rn) s > 24 for d G D s , we have by (a) 

that P (v - d,rm) < a '^ n " . Thus P (v,rm) < 

Since v — d > v — r s n s > for d G D s , and \D S \ < d(rm), we have Po(v,rm) < 

a' s d(rrn) 2 r 2a n 2a 
ti(t>-(rn) s ) 3 

Finally, we prove (c). The number of permutations in S v of order dividing 
rm with exactly one s-large cycle of a given length, d say, where d divides 
rm and {rn) s < d < v — 3(rn) s is Q) (d — 1)\Pq(v — d, rm){v — d)\. Hence the 
proportion in S v of such permutations is \Pq{v — d,rm). Summing over all 
d G Df(v) yields the desired result. □ 
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Proposition 26. Let G,m,n,r be as in one of the lines of Table 1. If 
12(rn) s +6 < n and (rn) s log(n) < n then, for a uniformly distributed random 
element g G G, 

72 

Prob(# 6 5 nG and TraceCycle(^) = true) < a s d(rm) 2 r 2s 



n 3-2s 



where as is as in (6) . 

Proof. The set So = 050(1'), where So(v) is the set of all g G <5>o with |A(g)| = 
v, where v ranges over all integers satisfying 4(rn) s < v < n. 

For g G Sq(v), the restriction g A ^ of g to A(g) is a permutation in 
Sym(A(g)) of order dividing rm with all cycles of length less than (rn) s . 
Consider a fixed v-set A. If G = S n , then all elements of Sym(A) are induced 
by permutations in G. On the other hand if G = A n , then one of the lines 4-9 
of Table 1 holds and hence rm is odd; thus all elements of Sym(A) of order 
dividing rm actually lie in Alt (A) and are therefore induced by elements 
of G. Therefore in all cases the number of possibilities for the restriction 
g A of elements g G G, for a given f-subset A = A(g), is v\Po(v,rm) and 
the restriction g E where £ = fi\A lies in Sym(S) or Alt(S) according as 
G = S n or A n , respectively Hence the number of permutations in So fl G 
corresponding to this value of v satisfies 

|5oHnG| < (^WoKrm)jl^ = ni ^'.ffi = \G\ ■ P (v , rm) . 

As 3(rn) s < 4(rn) s < v, we have n > 156 by Lemma 8(ii) so rm > 150, and 
hence we can apply Lemma 25(b) with a' s = as- Thus, for a random g G G, 

ProbQ? G <S (^) nG)< P (v,rm) < a ^( rm ) 2 r 2 ^ 2s 



v(v — (rn) s ) 3 



For any g G S n with |A(gf)| = v and v < n — k — 1, we have in particular 
3 < t> < n — 3. Hence by Lemma 19(b), given that g G Sq(v) PI G with 
d < n — k — 1, 



Prob( Trace Cycle (g) = true) < 16 



Hence, iff < n — k — 1, then the probability that g G iSo(w) and 
TRACECYCLE(g) = true is at most a$d(rm) 2 r 2s n 2s v( ^_ l ^ n yy A (^) 4 ; and if 
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n — k — 1 < v < n, this probability is at most asd(rm) 2 r 2s n 2s v ^ v _^ rn y- ) 3 ■ 
Summing over the values of v, we find 

Prob(# E S n G and TraceCycle(#) = true) < E x + E 2 

where 

2 r 2s n 2s v f 3 

Ei = 16a 5 d(rm) — > — ^— , 

n 4 *— ' (i> — rn r 

4(rn) s <«<n-fc-l v \ / / 

E 2 = a,d(rm)V\ 2s ^ 



(?; — (rn) s ) 4 



We first consider Ei and apply Lemma 11 with a = 4(rn) s , c = (rn) s , 
t = £ = 3, and n — k — 1 in place of n. We also use a — 1 — c = 3(rn) s — 1 > 
2(rn) s , and find 



Ei = 16a<j<i(rnV 



< I6asd(rm) — — — + 



2 r 2s n 2s 


E 


n 4 


4(rn) s <i)<n 


2 r 2s n 2s 


/ (rn) 3s 


n 4 


I 8(rn) 2s 



V 3 



^ (v — (rn) ) 3 
3(rn) 2s 



2(rn) 



/3V . ai . , 1N /3\ ((rn) s )° (n-k- (rn) 3 ) 1 
+ (rn) log(n - k - 1) + ' 



< -Lg a <5^( rm ) 2r * 2s f ( rn Y _|_ 3(rn) s | 3 log(ra)(r?T,) s | n — (rn)' 



n i 2 S \ g n 2n n n 



The assumption 12(rn) s + 6 < n implies by Lemma 8(i) that (rn) s jn < 
1/12. Also, by our hypothesis, (rn) s log(n) < n and, therefore, E x < 
i 6a ^)V^ + A + 3 + 1) < ggjg^gzf! . Finally, we estimate E 2 . 

n— k<v<n 

Since k < n/2, and since „_^ n ^ is decreasing for u in the interval [n— k— 2, n], 



37 



we have by Lemma 10 and Lemma 8 that 



\2 2s2s 



S 2 < a s d(rm) r s n s — rjrrdv 

In/2-1 - (rn) Y 



= a 5 d(rm) 2 r 2s n 2s — j- s 

3(v — (rn) ) 6 

< a s d(rm) 2 r 2s n 2s 



n/2-l 



3(n/2 - 1 - (rn) s ) 3 

asd(rm) 2 r 2s n 2s 



3n 3 (l - 2/n - 2(rn) s /nf 

< a s d(rm) 2 r 2s n 2s 



3n 3 (l - 2/156 - 2/12) 



3 



< 4.83 a s d(rm) 2 r 2s 



n 3-2s 



Adding the upper bounds for Si and S 2 we find that 

72 



Prob(g G S D G and TRACECYCLE(g) = true) < asd(rm) r 



2 2s 



n 3-2s 



9 Bounding S 1 



+ 



□ 



Let G, m, n, r be as in one of the lines of Table 1, so G is A n or S n . 

Recall the definitions of an s-small and an s-large cycle and of v from 
Notation 3 and the notation set out in Notation 23. 

Proposition 27. Let G,n,m,r be as in one of the lines of Table 1. If n 
is such that 12(rn) s + 6 < n and (rn) s \og(n) < n , then for a uniformly 
distributed random element g G G, 

6 24 

Prob(g G Pi G and TRACECYCLE(g) = true) < asd(rm) 3 —^. 

Proof. The set = USi(v), where Si(v) is the set of all g G Si with 
|A(p)| = v and v ranges over integers satisfying 4(rn) s < v < n. For a given 
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v, an analogous argument to that given in the second paragraph of the proof 
of Proposition 26 shows that 

\S+{v) n G\ < f 71 ) ■ v\P+(v, rm) A n ~ v ^ 



vj iy \S n : G\ 

= — 7tr = p ] K rm ) ■ \ G \- 

\o n : Lr\ 

Thus applying Lemma 25(c) we have, for a random g G G, 

Prob(g G $i(v) H G) < Pi(v, rm) = d^ ^ ~ ^' rm ^' 

d<ED+(v) 

If |A(g)| = v and u < n — k — 1, then in particular 3 < v < n — 3. Hence by 
Lemma 19(b), given that g G <S^(t>) HG with |A(gr)| = v with u < n — k — 1, 

Prob(TRACECYCLE(5() = true) < 16 . 

Thus, if v < n — k — 1, the probability that g G S^(v) fl G and 
TraceCycle(^) = true is at most 



E ^o(«-d I rm)]l6(^y 



and if n — k < u this probability is at most 



-P (v — d,rm). 



d 

Summing over v we find 

Prob(# G fl G and TRACECYCLE(g) = true) < S x + S 2 

where 



Si = 16 £ 

4(rn) s <i)<n— A: 



| ^ -Po(v-d,rm)j 

-1 \d623+(«) / 

^ I J] ^ p o(^-d,rm) J • 

-k<v<n \d<=D+(v) / 



39 



First we consider Si. Interchanging the two summations and taking the 
sum up to n, we obtain the following upper bound, where Dg denotes the set 
of all divisors d of rm satisfying d > (rn) s . Note that v > d + 3(rn) s (see 
Notation 3). 



d&D t \3(rn) s +d<v<n 



rm) ■ — 



Since rm > 150 by Lemma 8(ii), we may apply Lemma 25(b) with a' s 
ag, and find that this expression is at most 



d£D e \ 



3(m) s +d<v<n 



asd(rm) 2 r 2s n 2s t> 4 
(v — d)(v — d — (rn) s ) 3 n 4 



asd(rm) 2 r 2s n 2s v-^ 1 
< 16 ■ 



^ d\ ^ (v — d — (rnY) 4 

d&D e \3{rn) a +d<v<n V V 1 ' 



Now we apply Lemma 11 with t = I = 4, a = 3(rn) s + d and c = d + (rn) s . 
Noting that a — c — 1 = 2(rn) s — 1, we obtain that this expression is at most 

g s d(rm) 2 r 2 °n 2s ^ I ( + (rn)') 4 ( 4 ) (d + (rn) s ) 3 



n 4 ^ d \ 3(2(rn) s - l) 3 2(2(rn) s - l) 2 

+ ( J (d + (rn) s )°(n + l-d- (rn) 3 ) 1 



Note that 2(rn) s — 1 > j^r s n s by Lemma 8(iii) and, since d > (rn) s , also 
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< 2. Note also that d + (rn) s < n and n + 1 — d — {rn) s < n. Hence 



d+lrn) 

,a s d{rmfr 2s n 2s ( 2 • 12 3 • n 3 4 • 12 2 n 2 12 ■ Un 1 



Ei < 16- 



n 4 V 3 ■ 23 3 • r 3s n 3s 23 2 r 2s n 2s 23r s n s 



+ 8 • log(n) 



n 1 



(rn) s 



16a s d(rm) 3 ( 3456 576 lUr s 



V 36501r s 529n 1 ~ s 23n 2 " 



8r log(n) r s 



+ 5 o + 



Since, by hypothesis (rn) s log(n) < n and by Lemma 8(i) ra s /n < r s n s /n < 
1/12 and r > 1, the last expression is at most 

16a 5 d(rm) 3 f 3456 576 144 8 1 

n}+ s V 36501 + 529 ■ 12 + 23 ■ 12 2 + 12 2 + 12 2 

d(rm) 3 



< 4.7a s - 



n l+s 



We now consider E 2 = £ n _ fc <„< n (EdeD+M \ P ^ V ~ d,rm)^j . As v-d > 
3(rn) s and n — k > n/2 we have by Lemma 25(b) (with a' s = as) that 

^ < V I V - 

asd(rm) 2 (rn) 2s ~ ^ \ + d(v - d - (rn) s ) 4 

V J K ' n/2<v<n \deD+(v) 



E -A E 



1 



<i \ ^— ' (v — d — (rnYY 

d£D+(v) \v(d)<v<n v v y y 

where v(d) = max{|,<i + 3(rn) s } since, by Notation 23, each d G Df(v) is 



41 



less than v — 3(rn) s . By Lemma 10, this quantity is at most 

1 



y 1 



d \Jv(d)-i (v-d - (rn) s ) 4 



dv 



d 1 



y - 

A 



< 



y 1 



3 (v — d — (rn) s ) 3 
1 



v(d)-l 



3d (v(d) - l-d - (rn) s ) 3 

d&D+{v) 



In particular each d G Df(v) is less than m. By Lemma 6, there are at most 
three divisors of rm which are less than m and greater than 2m/ 7, and the 
sum of the reciprocals k of these divisors is at most — , which is less than — 

c d m> n 

since n > 156 (by Lemma 8(H)). Using v(d) > d + 3(rn) s and Lemma 8(iii), 
the contribution from these exceptional divisors is therefore at most 



y - 

L^i %A 



12 \ 3 7.3 0.35 



< —, i — < 



(2(rn) s -l) 3 ^ 3d \23(rn) s J 3n (rnf'n 

d£Df(v),d>2m/7 

Finally we estimate the contribution of the remaining elements d of Df(v). 
We note that each such d is at most and at least (rn) s , and that (rn) s < 
by our hypothesis. Thus, using v(d) > |, the remaining contribution is 
at most 

d(rm) 1 
3(rn) s (n _ i _ 2p _ 

Observe that § - 1 - f - ^ = and since n > 84 by Lemma 8(a) 

we have lln 84 i2 > f • Hence, using also that < (by Lemma 8(i)), the 
above expression is less than 

d(rm) 8 3 ^ d(rm) 8 3 ^ 1.19 d{rm) 



(rn) s 3n 3 12 2 • 3 (rn) 3s n (rn) 3s n 
Thus 



a$d(rm) 2 (rn) 



< 



0.35 

(rn) 3s n 



1.19 d(rm) ^ 1.54 d(rm 



(rn) 3s n 



rn) 2s n l+s 
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and hence 

Prob(g G fl G and TraceCycle(#) = true) < 6.24 ag v l+ ' s . 



□ 



10 Bounding S>2 

Proposition 28. Let G,m,n,r be as in one of the lines of Table 1. Then 

\S> 2 n G| d(rm) 2 
|C| (rn) 2s 

Proof. If g is an element of *S> 2 fl G then it has two cycles of lengths di,d 2 , 
where di\rm, and di > (rn) s . There are at most d(rm) choices for each di. 
Thus, there are at most d(rm) 2 choices for the two divisors d\ and c?2- For a 
given di, d%, the proportion of elements in G having cycles of lengths d\ and 
<i 2 is at most 

(d^y 1 < (rn)- 2s . 

Thus altogether we get a proportion of at most d(rm) 2 (rn)~ 2s . □ 



11 Bounding S x 

Proposition 29. Let G,m,n,r be as in one of the lines of Table 1. Suppose 
that n is such that 12(rn) s + 6 < n. Let k be a fixed integer with 2 < k < n/2. 
Then 

(a) the proportion of k -sub sets 7 such that 0^(7,(7) = r^m, for some r$ 
dividing r, for g G 5-f fl G, is less than 31/ ((ra) 1 " 5 ). 

(b) If TraceCycle is Algorithm 2 and M is as defined there, then for a 
uniformly distributed random element g G G, 

( 3] 

Prob(TRACECYCLE(#) = true | g G S 1 D G) < 

\(rn) 
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and so 



Prob(g G S 1 fl G and TraceCycle(^) = true) < 



31 \ M 



'rn) 1 s 



Proof. We start by recording some important facts used throughout the 
proof. Let g G fl G and put v = |A(g)| and u = \H(g)\, such that 
u + v — n. The definition of S{ implies that g has a unique s-large cycle C 
in A(g) of length d and we have 

(i) d < n and d 7^ m since g G J 7 ; 

(ii) w > A(rn) s and v — d < 3(rn) s . 

By Lemma 6 and the hypothesis n > 12(rn) s + 6, it follows that d < 2m/3 < 
2n/3. Hence u = n — v > n — d — 3(rn) s > | — 3(rn) s > 4(rn) s + 2 — 
3(rn) s = (rn) s + 2. Also, t> < d + 3(rn) s < ^ + 3(rn) s . This implies that 
v = n — u < n — 2 — (rn) s and hence in particular 

v<n~3 (18) 

and 

1 1 1 



< 7 — < r-j- ( 19 ) 

Set t = i> — d so that t = v — d < 3(rn) s . Then 

u = d + t < 2n/3 + 3(rn) s . (20) 

Suppose that 7 is a &;-subset for which 0^(7, (?) = r m, for some r dividing 
r, and set fc := |7 ^ S ( c/) | . Then Cfc (7 fl 11(g), g) divides rm, and hence the 
number of possibilities for the fco-subset 7 fl £(<?) is at most the number 
cr(k , S(flO) °f Corollary 17. In particular <r(fco, £(gf)) = if k = 1. Thus 
fco = or 2 < k < min{w, k}, and the case k Q = is only possible if v > k. 

First we prove the following upper bound for the number K^ = K^ (g) 
of /c-subsets 7 such that k = \ j fl H(g)\ > 2. 

*± < 97 (21) 
CD < 96(m) 1 -" ^ 
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By the remarks above 

min{fc,?i} 
k =2 

If ko < u — 1 then, by Corollary 17 and our considerations above, 
a(k ,E(g)) < ^(«) < ^y©, while if k = u then a (fc , £(<?)) = 1. 
Thus 



where 



Hence 




Thus (21) is proved if k < u — 1, so suppose that k > u. Recall that u > 
(rn) 1_s + 1 by (19). Hence 

Using n 1_s > 12 > 8 (see Lemma 8(i)) and Lemma 9(a), we have i?_,o < 

| (|) (rn) < | 4(rn) 2 ( i- s) < ^(^p^> and now the inequality (21) follows 
from inequality (22). 

To complete the proof of part (a) it remains to estimate the number 
K=o = K =0 (g) of /c-subsets 7 C A(g) such that 0^(7,(7) = r m for some r 
dividing r. Since this number is zero if v < k, we assume that v > k. Recall 
that C is the unique s-large cycle of g contained in A(g) and d = \C\. By 



n — u 
k — k 
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Lemma 6, d < 2m/3 < 2n/3. Since m divides 0^(7, g) it follows that 7 % C. 
We prove 



K =0 30.6 

< --T^I- (23) 
(rn) 



The number if =0 of such /c-subsets is at most (?) — (,). 
Set i = v — d so that t = v — d < 3(rn) s . Then we have 

^ = ^{d + t)(d + t - 1) . . . (d + t - k + 1). 

We consider separately the cases (i) (rn) 5 < fc, (ii) k < mm{(rn) s ,d — 
t + 1}, and (hi) d - t + 1 < k < {rn) s . Recall that {rn) s < d. 

Consider first Case (ii), so k < (rn) s and d — t + 1 > k. If d < m/2 
define a = 1 and observe that < a. If d > m/2 then, by Lemma 6, it 

follows that d > 3m /5. In this case , ? M < Q 3 i rn ? ^ = ,„ / 3( - r "\ 3/ s . By 

— ' d—k+l — 3rn/b—(rn) rn(3/o—(rn) fm) J 

the hypothesis (rn) s < (n — 6)/12 < m/12 and by Lemma 8(i) we have then 

l=m ^ n (3/5-1/12) = M • In this case define a = M • Then a S ain d^FTT ^ a - 
Setting := d(d — 1) . . . (d — k + 1), by Lemma 14 we obtain 

v\ 1 

k) = y( d + t )( d + t - 1 ) ■■■(d + t- k+1) 

1 /, A (l + a) fc t 
< jfc! V + a(d-fc + l) 

If d < m/2 we have a = 1 and so 

v\ /d\ /d\ 2 fc t 

< 



K k J ~ \kj \kj d — k + l 
Applying Lemma 13(a) with a = |, 

cZ\ 1 fn\d — k + 1 



k ~ 2 k ~ 1 \k n-k 
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Hence 



< i :) - (1) < (i) . 2 ? < (:) 2 ! < M 2t 



kj Vv \k J d — k + 1 \k J n — k+1 \k J n — k 
On the other hand, if m/2 < d < 2n/3, then a — || , and (24) becomes 
v\ fd\ fd\fAQ\ k 31t 



JcJ ~ \kj \kj\3lj 15(d-Jfe + l) 

By Lemma 13(a) with a = |, 

/d\ < 2 fc - x fn\d-k + 1 

and hence 



fc 7 3 kl \k/n — k 



----- 'i)-©< 

n^" 1 (46/31) fc 31t 



< 



< 



fcy 3*" 1 15(ra - fc + 1) 

n\92 fc 31t /n\ 31t 

fcj 93 fc 10(n - fc) < \Jfc/ 10(ra - fc) ' 



Note that by Lemma 8, since k < (rn) s and by our assumptions, -^-^ < 

3(rn) s < 3(rn) s < 3(rn) s _ 36(rn) s 
n{\-k[n) — n(l-(rn) s /n) — n(ll/12) ~~ lln " 

Thus for all d we have 

K-o 31-36 (rn) s 10.2 r 30.6 
< — -< ^< 



10-11 n 



\rn) (rn) 



and (23) is proved for Case (ii). 

Now consider Cases (i) and (iii). Recall from (20) that v = d + t < 
2n/3 + 3(rn) s . By Lemma 8(i), {rn) s < j^n. Therefore v < 2n/3 + ^n = j|n. 
This shows, using Lemma 13(a), that 

k^l < © - ffl : S) 
- © © 



n/ _ V 12 
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In Case (i) we have k > (rn) s and hence, observing that (rn) s > n 1 ^ 2 > 12 

5 

(rn) 



by Lemma 8(i), and using Lemma 9(b), we have (^) k < (-jf)^ < T^f < 



^4^- Thus < -4^7 and (23) holds for Case (i). 

In Case (hi) we have (rn) s > k > d — t + 1 and so d < 4(rn) s as t < 3(rn)* 
Therefore, u = d + 1 < 7(rn) s , and using Lemmas 8(i) and 13(a), 

K =0 fv\ k /7(rn) SN 







< - < 



n/ \ n 



'7(rn) s \ < 49(rn) s < 49 



n 



Yin 4(rn) 



l-s ■ 



Thus (23) holds for Case (iii) and hence in all cases. 

Combining (23) with (21), we conclude that the proportion of /c-subsets 
7 such that 0^(7, g) = tqiti, for some tq dividing r, is less than 31/((rr7,) 1_s ) 
for all values of k and v. This proves (a). 

Now TRACECYCLE((yf) = true if and only if 0^(7,(7) = r^m, for some 
ro dividing r, for each of the M independent uniformly distributed random 
fc-sets 7 tested in the algorithm. Thus, given g £ S± fl G, the probability 

that TraceCycle(c7) = true is at most (31/ '((rn) 1 " 3 )) . 

The last assertion follows on noting that for events A and B we have 
Prob(A n B) = Prob(A)Prob( J B | A) < Prob( J B | A). □ 
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